﻿using System;
using System.Web.Mvc;
using System.Web.Security;
using GsnHelper;
using ZhongheCms.Models;

namespace ZhongheCms.Controllers
{
   
    public class AccountController : Controller
    {
        public ActionResult Login()
        {
            ViewBag.error = "";
            return View();
        }

        public ActionResult LoginOld()
        {
            return View();
        }

        [HttpPost]
     
        public ActionResult Login(FormCollection c, string returnUrl)
        {
            try
            {


                if (ModelState.IsValid)
                {

                    string logon = GswTblUser.ValidateUser(c["uid"], c["pwd"]);
                    if (logon == "ok")
                    {
                      
                        FormsAuthentication.SetAuthCookie(c["uid"], true);
                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                            return Redirect(returnUrl);

                        return RedirectToAction("Admin", "Home");
                    }
                    //ModelState.AddModelError("", logon);
                    //ViewBag.errcode = "1";
                    ViewBag.error = logon;

                }
            }
            catch (Exception e)
            {
               // ViewBag.errcode = "1";
                ViewBag.error = e.Message;
                //ModelState.AddModelError(string.Empty, e.Message);
            }
            return View();
        }


        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();
            GswTblUser.LoginOut();
            return RedirectToAction("Login", "Account");
        }

        public ActionResult ChangePassword()
        {

            if (GswTblUser.CurrentUser == null)
                return RedirectToAction("Login", "Account");
         
            return View();

        }

        //
        // POST: /Account/ChangePassword


        [HttpPost]
        public ActionResult ChangePassword(FormCollection c)
        {


            string userName = GswTblUser.CurrentUser.UserName.Trim();
         
            if (string.IsNullOrEmpty(c["OldPwd"]))
                ModelState.AddModelError(string.Empty, "原密码不允许为空");
            if (string.IsNullOrEmpty(c["NeWPwd"]))
                ModelState.AddModelError(string.Empty, "新密码不允许为空");

            try
            {

                var user = GswTblUser.FirstOrDefault("where  username=@0", userName);
                if (user == null)
                    ModelState.AddModelError(string.Empty, "无此用户名");
                else
                {
                    if (ModelState.IsValid)
                    {
                        if (user.PwdHash.Trim() != EncryptPwd.EncodePassword(c["OldPwd"], user.PwdSalt))
                            ModelState.AddModelError(string.Empty, "原密码错误");
                        else
                        {
                            string salt = EncryptPwd.GenerateSalt();
                            string hash = EncryptPwd.EncodePassword(c["NewPwd"].Trim(), salt);
                            GswTblUser.Update("set PwdHash='" + hash + "',PwdSalt='" + salt + "' where id=" +
                                           user.Id);
                        }
                        ViewBag.scode = "1";
                    }

                }


            }
            catch (Exception e)
            {
                ModelState.AddModelError(string.Empty, e.Message);
            }
            if (!ModelState.IsValid)
                ViewBag.scode = "0";
            if (GswTblUser.CurrentUser == null)
                return RedirectToAction("Login", "Account");
            //GswTblUser.GetUserProfile(RouteData.Route.GetRouteData(HttpContext));
            return View();
        }

        //
        // GET: /Account/ChangePasswordSuccess

        public ActionResult ChangePasswordSuccess()
        {
            return View();
        }

    }
}
